Multiple F5 BIG-IP Products CVE-2017-6135 Denial of Service Vulnerability

Bugtraq ID:	106190
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2017-6135
Remote:	Yes
Local:	No
Published:	Jun 10 2018 12:00AM
Updated:	Jun 10 2018 12:00AM
Credit:	The vendor reported this issue.
Vulnerable:	F5 BIG-IP WebSafe 13.0 F5 BIG-IP PEM 13.0 F5 BIG-IP LTM 13.0 F5 BIG-IP Link Controller 13.0 F5 BIG-IP GTM 13.0.0 F5 BIG-IP DNS 13.0 F5 BIG-IP ASM 13.0 F5 BIG-IP APM 13.0 F5 BIG-IP Analytics 13.0 F5 BIG-IP AFM 13.0 F5 BIG-IP AAM 13.0
Not Vulnerable:	F5 BIG-IP WebSafe 13.1 F5 BIG-IP WebSafe 13.0.1 F5 BIG-IP PEM 13.1 F5 BIG-IP PEM 13.0.1 F5 BIG-IP LTM 13.1 F5 BIG-IP LTM 13.0.1 F5 BIG-IP Link Controller 13.1 F5 BIG-IP Link Controller 13.0.1 F5 BIG-IP GTM 13.1 F5 BIG-IP GTM 13.0.1 F5 BIG-IP DNS 13.1 F5 BIG-IP DNS 13.0.1 F5 BIG-IP ASM 13.1 F5 BIG-IP ASM 13.0.1 F5 BIG-IP APM 13.1 F5 BIG-IP APM 13.0.1 F5 BIG-IP Analytics 13.1 F5 BIG-IP AFM 13.1 F5 BIG-IP AFM 13.0.1 F5 BIG-IP AAM 13.1 F5 BIG-IP AAM 13.0.1

Multiple F5 BIG-IP Products CVE-2017-6135 Denial of Service Vulnerability

Multiple F5 BIG-IP Products are prone to a denial-of-service vulnerability.

Exploiting this issue allows remote attackers to cause a denial-of-service condition due to excessive memory consumption.

Multiple F5 BIG-IP Products CVE-2017-6135 Denial of Service Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Multiple F5 BIG-IP Products CVE-2017-6135 Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Multiple F5 BIG-IP Products CVE-2017-6135 Denial of Service Vulnerability

References:

• F5 BIG-IP Homepage (F5)
  
• K43322910: Linux kernel vulnerability CVE-2017-6135 (F5)